package com.wangdao.wechatmall.controller.admin;

import com.wangdao.wechatmall.bean.bo.AuthLoginBO;
import com.wangdao.wechatmall.bean.pojo.Admin;
import com.wangdao.wechatmall.bean.vo.admin.AuthInfoVO;
import com.wangdao.wechatmall.bean.vo.admin.BaseRespVo;
import com.wangdao.wechatmall.realm.MallToken;
import com.wangdao.wechatmall.service.admin.AdminService;
import com.wangdao.wechatmall.service.admin.PermissionService;
import com.wangdao.wechatmall.service.admin.RoleService;
import com.wangdao.wechatmall.util.ApiTransformUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;


/**
 * @author ZhangXiao on 2021/7/10
 */
@RestController
@RequestMapping("admin/auth")
public class AuthController {

    @PostMapping("/login")
    public BaseRespVo login(HttpServletRequest request, @RequestBody AuthLoginBO authLoginBO) throws Exception {
        Subject subject = SecurityUtils.getSubject();

        String username = authLoginBO.getUsername();
        String password = authLoginBO.getPassword();

        try {
            //执行认证
            subject.login(new MallToken(username, password, "admin"));

        } catch (AuthenticationException e) {
            return BaseRespVo.fail("认证未通过");
        }
        Serializable id = subject.getSession().getId();
        return BaseRespVo.ok(id);

    }

    @Autowired
    AdminService adminService;

    @Autowired
    PermissionService permissionService;

    @Autowired
    RoleService roleService;


    @GetMapping("/info")
//    @RequiresPermissions(value = {"*"})
    public BaseRespVo info(String token) {
        AuthInfoVO authInfoVO = new AuthInfoVO();

        Subject subject = SecurityUtils.getSubject();
        String username = (String) subject.getPrincipals().getPrimaryPrincipal();

        if (subject.isAuthenticated()) {

            Admin admin = adminService.queryAdminByName(username);
            authInfoVO.setAvatar(admin.getAvatar());
            authInfoVO.setName(admin.getUsername());

            Integer[] roleIds = admin.getRoleIds();
            //通过roleIds去查perms信息
            List<String> permissions = new ArrayList<>();


            //通过roleIds去查出permission信息
            for (int i = 0; i < roleIds.length; i++) {
                List<String> strings = new ArrayList<>();
                strings = permissionService.selectPermissionByRoleId(roleIds[i]);



                for (String string : strings) {
                    if (!"*".equals(string)) {
                        List<String> permissionList = new ArrayList<>();
                        String resultPermission = ApiTransformUtils.apiTransform(string);
                        permissionList.add(resultPermission);
                        permissions.addAll(permissionList);
                    }else {
                        permissions.add("*");
                    }
                }




            }
            authInfoVO.setPerms(permissions);


            //通过roleIds去查roles信息
            List<String> roles = roleService.queryNameByRoleId(roleIds);

            authInfoVO.setRoles(roles);

            return BaseRespVo.ok(authInfoVO);

        }

        return BaseRespVo.fail();


    }

    @PostMapping("logout")
    public BaseRespVo logout(HttpServletRequest request) {
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        return BaseRespVo.ok();
    }

}